Dealing with Spyware

1
Dealing with Spyware
2
Spyware poses one of the greatest threats to our
computers security, in that its consequences can
be far reaching. Also, the more we rely on
computers and the internet, the worse the problem
is likely to get. So it is very important that we
learn how to deal with it and how to protect our
computers.

3
To begin with, we shall define what is meant by
spyware

In the field of computing, the term spyware
refers to a broad category of malicious software
designed to intercept or take partial control of
a computer's operation without the informed
consent of that machine's owner or legitimate
user. While the term taken literally suggests
software that surreptitiously monitors the user,
it has come to refer more broadly to software
that subverts the computer's operation for the
benefit of a third party. Wikipedia Oct 2006
4
Wikipedia also provides a more practical
definition

In simpler terms, spyware is a type of program
that watches what users do with their computer
and then sends that information over the
internet. Spyware can collect many different
types of information about a user. More benign
programs can attempt to track what types of
websites a user visits and send this information
to an advertisement agency. More malicious
versions can try to record what a user types to
try to intercept passwords or credit card
numbers. Yet other versions simply launch popup
advertisements. Wikipedia Oct 2006
5
It should be clear that nowadays, with the rise
of online banking, online shopping, chatting,
videoconferencing, online gaming, etc, our
computer, passwords, documents, and online
identities are at serious risk. For example,
spyware might send data back to the malicious
programmer as to bank accounts/details, or even
private information that allows them to open
accounts in your name.

6
Note that in the case of computers that are
members of an internal network (be it at work, or
in your own home network), compromise of a single
computer may also allow the further compromise of
other computers on that network. Also, people
might use the same password in more than one
system/account hence a simple compromise could
have far reaching consequences.

7
Fortunately, with todays operating systems and
major internet browsers (if kept up to date), the
more malicious types of spyware usually require
user intervention to enable the attack. So as a
first line of defence, a bit of caution will pay
great dividends. In fact, most attacks will ask
the user if it is ok to install a
particular software or plug-in.

8
Hence, keep your system up to date, and beware of
what you install!

Make sure that you trust the vendor before
installing software. Is it from a major software
house? Has it been recommended by someone you
trust?
9
Beware of installations, extra toolbars, file
sharing programs, files you receive over the
internet, etc. All these may seem very safe, as
in just something fun from a friend, but they
may also be spyware.

10
Also, beware of anything that wants to access
resources on your computer. Particularly if
they require access to your file system A lot of
free, fun programs (and some free work utilities
too) can be vehicles for spyware.

11
Last of all, take comfort from the fact that most
spyware authors are really interested in large
prey. Unless they can easily get to your details
and use them to great profit, it is unlikely that
your system although vulnerable will be
exploited (though this may well change). However
it pays to be safe Use anti-spyware tools, be
careful of what you open/install, try not to keep
your most secret details in easy to reach files,
steer away from dubious websites, and keep an eye
on your bank transactions to spot any
unrecognised expenditure.

12
With all this in mind, we can now look at ways of
detecting spyware and protecting our computers.
The best way is to use a recognised anti-spyware
tool. Some are available from major IT security
vendors, such as McAfee and Symantecs Norton,
while others may be free for personal use, or
provided by your Internet service provider (such
as AOL Spyware Protection). Note that some free
tools that purport to be anti-spyware, are in
fact spyware themselves

13
In what remains we shall look a two simple tools.
However the procedure is similar for most
anti-spyware tools. It consists in keeping the
system up to date (ideally having this done
automatically via Microsoft Update), keeping the
anti-spyware tool up to date (again, ideally
automatically) and having regular scans for
spyware. Furthermore, it pays to do a bit of
research before taking any drastic actions, to
prevent being the victims of hoaxes or
socially engineered attacks.

14
The tools we will look at are both free. These
are AOL Spyware Protection, and the more powerful
Spybot Search Destroy tool. Select the links
below to view the tutorials

• using AOL Spyware Protection
• using Spybot Search Destroy (Part 1)
• using Spybot Search Destroy (Part 2)

view
view
view
Note This does not represent the endorsement of
particular products, nor does it recommend these
products in favour of other ones. The tutorials
are simply used to illustrate the simple steps
that are likely to be needed with most
anti-spyware tools. More information and links
are provided in the next page.
15
The following is a list of links to major sites
about spyware information and spyware tools

• Wikipedia
• Protect Your Computer by Microsoft
• Spybot Search Destroy
• McAfee
• Symantec
• Sysinternals Process Explorer
• WinTasks Process Library

x